Vulnerability in Cisco IOS XE used to install a backdoor

In the implementation of the web interface used on physical and virtual Cisco devices running the Cisco IOS XE operating system, a critical vulnerability (CVE-2023-20198) has been identified. It allows unauthenticated, full access to the system with the maximum privilege level, provided the attacker can reach the network port on which the web interface runs. The danger is compounded by the fact that attackers have been exploiting the unpatched vulnerability for a month to create additional accounts "cisco_tac_admin" and "cisco_support" with administrator rights, and to automatically place an implant on devices that provides remote access for executing commands on the device.

Although, to ensure an adequate level of security, it is recommended to open access to the web interface only to selected hosts or the local network, many administrators leave the option to connect from the global network. In particular, according to the Shodan service, there are currently more than 140 thousand potentially vulnerable devices recorded on the global network. The CERT organization has already recorded about 35 thousand successfully attacked Cisco devices with a malicious implant installed.

Until a fix that eliminates the vulnerability is published, the recommended workaround is to disable the HTTP and HTTPS server on the device using the console commands "no ip http server" and "no ip http secure-server", or to restrict access to the web interface at the firewall. To check for the presence of the malicious implant, it is recommended to send the request:

curl -X POST http://IP-devices/webui/logoutconfirm.html?logon_hash=1

which, if the device is compromised, returns an 18-character hash. You can also analyze the log on the device for external connections and for operations that install additional files:

%SYS-5-CONFIG_P: Configured programmatically by process SEP_webui_wsma_http from console as user on line
%SEC_LOGIN-5-WEBLOGIN_SUCCESS: Login Success [user: user] [Source: source_IP_address] at 05:41:11 UTC Wed Oct 17 2023
%WEBUI-6-INSTALL_OPERATION_INFO: User: username, Install Operation: ADD filename
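The log review described above can be scripted. The following is an added example, not code from Cisco or from the original article: it scans exported syslog lines for the three messages and flags the two account names the article mentions. The `known_admins` parameter, the severity labels, and the sample lines, user names and addresses are constructed assumptions.

```python
import re

ROGUE_ACCOUNTS = {"cisco_tac_admin", "cisco_support"}  # account names given in the article
MSG_RE = re.compile(r"%\s*([A-Z_]+-\d-[A-Z_]+):\s*(.*)")
# How the user name appears in each message the article says to review.
USER_PATTERNS = {
    "SYS-5-CONFIG_P": re.compile(r"by process SEP_webui_wsma_http\b.*?\bas (\S+) on\b"),
    "SEC_LOGIN-5-WEBLOGIN_SUCCESS": re.compile(r"\[user:\s*([^\]]+?)\s*\]"),
    "WEBUI-6-INSTALL_OPERATION_INFO": re.compile(r"User:\s*([^,\s]+)"),
}

def triage(lines, known_admins=()):
    """Return (severity, message id, user, line) for web UI events worth a look."""
    known = {u.lower() for u in known_admins}
    findings = []
    for line in lines:
        m = MSG_RE.search(line)
        if not m or m.group(1) not in USER_PATTERNS:
            continue
        msg_id, body = m.groups()
        u = USER_PATTERNS[msg_id].search(body)
        if not u:
            continue  # e.g. CONFIG_P written by a process other than the web UI
        user = u.group(1)
        if user.lower() in ROGUE_ACCOUNTS:
            severity = "high"
        elif msg_id == "WEBUI-6-INSTALL_OPERATION_INFO":
            severity = "review"  # file installs via the web UI are always reviewed
        elif user.lower() in known:
            continue  # expected administrator logging in or configuring
        else:
            severity = "review"
        findings.append((severity, msg_id, user, line.strip()))
    return findings

# Constructed sample log lines (not taken from a real device).
SAMPLE = """\
Oct 17 05:40:02: %SYS-5-CONFIG_P: Configured programmatically by process SEP_webui_wsma_http from console as cisco_tac_admin on vty0
Oct 17 05:41:11: %SEC_LOGIN-5-WEBLOGIN_SUCCESS: Login Success [user: netops] [Source: 192.0.2.10] at 05:41:11 UTC Tue Oct 17 2023
Oct 17 05:42:30: %SEC_LOGIN-5-WEBLOGIN_SUCCESS: Login Success [user: svc_tmp] [Source: 203.0.113.7] at 05:42:30 UTC Tue Oct 17 2023
Oct 17 05:43:00: %WEBUI-6-INSTALL_OPERATION_INFO: User: svc_tmp, Install Operation: ADD example.conf
Oct 17 05:44:00: %SYS-5-CONFIG_I: Configured from console by netops on vty0
""".splitlines()

if __name__ == "__main__":
    for severity, msg_id, user, _ in triage(SAMPLE, known_admins=["netops"]):
        print(f"{severity:6} {msg_id:32} {user}")
```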

If the device has been compromised, reboot it to remove the implant. Accounts created by the attacker persist after the reboot and must be deleted manually. The implant is placed in the file /usr/binos/conf/nginx-conf/cisco_service.conf and consists of 29 lines of Lua code, which execute arbitrary commands at the system level or in the Cisco IOS XE command interface in response to an HTTP request with a special set of parameters.


Source: opennet.ru